Telecom fraud is back, and it’s now more prevalent than ever. As more and more organizations choose to run their phone lines over the Internet, the potential payoffs for phone hackers, or “phreakers,” grows exponentially larger. It thus shouldn’t come as any great surprise that telecom fraud is sharply on the rise in China, nor should it be any surprise that businesses all over the world are losing billions.
In a typical telecom scam, a hacker gains the user ID and password of an employee at a particular business. Once they’ve access to that employee’s account information, they set up a caller that lets them dial an unlimited number of calls to anywhere in the world. Then they start making money, either through a premium-rate phone service or by selling the business’s call time.
“Hackers sign up to lease premium-rate phone numbers, often used for sexual-chat or psychic lines, from one of dozens of web-based services that charge dialers over $1 a minute and give the lessee a cut,” writes Nicole Perlroth of the New York Times. “The hackers then break into a business’s phone system and make calls through it to their premium number, typically over a weekend, when nobody is there to notice.”
“The swindle, which on the web is easier to pull off and more profitable, affects mostly small businesses and cost victims $4.73 billion globally last year,” adds Perlroth. Given that little statistic – and the fact that telecom fraud often incurs costs in the sextuple digits – you want to do everything you can to protect your business. Especially because carriers aren’t often in the business of reimbursing fraudulent charges.
But what exactly CAN you do?
According to Perlroth and Bell, protecting yourself against telecom fraud involves the following:
- Block normal long distance calls outside regular business hours.
- Educate your employees on the proper measures to prevent fraud.
- Ensure they change the manufacturer’s default password immediately upon receiving a voicemail box.
- Ensure they use strong passwords.
- Require passwords on your voicemail system, and program it so that they are refreshed every 90 days.
- Do not leave unsigned voicemail boxes activated.
- Turn off call forwarding.
- Monitor your phone line closely, and immediately take action if you note any suspicious activity.
- Secure your phone with a firewall – treat it as a connected device.
Telecom fraud is one of the oldest scams in the book, but with the prevalence of VOIP systems, it’s gained new life. The problem, I think, is that many businesses don’t yet realize that they’re vulnerable. They treat their phone lines as simply communication tools, when in actuality they’re Internet connected machines – and have been for some time.
It’s high time businesses start treating them as such – otherwise, there will be billions more lost to these hackers in the future.